<?php

$userid = get_session('findpwd_userid');
if(empty($userid)){
	go('./index.php?mdl=findpwd&do=account');
}
$userinfo = $__oUser->get_by_userid($userid, '`userid`,`username`,`nickname`,`email`,`password_faq`,`password_ans`');

if(empty($_POST['formAction'])){
	$vars['userinfo'] = $userinfo;
}else{
	if(authnum_check() == false){
		ajax_msg('warning', '验证码不正确', 'callback_findpwd_faq');
	}	
	$ans = empty($_POST['ans']) ? '' : trim($_POST['ans']);
	if($ans == $userinfo['password_ans']){
		$_str = serialize(array(
			'userid'	=> $userinfo['userid'],
			'email'		=> $userinfo['email'],
		));
		$confirm_code	= base64_encode(php_authcode($_str, $operation = 'ENCODE', $key = '', $expiry = 86400 * 2));	
		ajax_msg('succ', $confirm_code, 'callback_findpwd_faq');
	}
	ajax_msg('error', '答案错误', 'callback_findpwd_faq');

}
?>